一、ssh使用:
ssh USERNAME@HOST
ssh -l USERNAME HOST
ssh USERNAME@HOST 'COMMAND' 单引号
[root@test ~]# ssh 110.119.131.204 #第一次连接需发送主机认证
Theauthenticity of host '110.119.131.204 (110.119.131.204)' can't be established.
RSAkey fingerprint is 91:a3:75:4b:3c:50:fd:5a:60:1a:39:ab:d5:0b:83:16.
Areyou sure you want to continue connecting (yes/no)? y
[root@fox.ssh]# cat known_hosts
110.119.131.195ssh-rsaAAAAB3NzaC1yc2EAAAABIwAAAQEA7WecSyXB82qLwTOmh/Mhh8ic80Oj/lhS2xTjVHLz5jy8aq6XxS8gOVErcJZU4qL/eG0aDEMiyUQ5OChq1IUu3U+dO0eHLgpCt6UMd/LAxYjB5rvXE6pCvESJpTRK/oJEhnnzjHXLxZG2tD8t2xy1Bvt8+6K+2TBX64z2uEav8Yy5DcH2zQzMP/4bkn7my0WPDlwRsFSDW2CE/0GWFqKL8PWt2r9DoUS4c5umwqPe4cqyvvLA960YmeNuMlnNBKp2XOBrTpLsigsIXO6lVqhEcWUU1bV7JRPmgQbZjCu5onw1Ez4929XkVroxX02E9IS6DBGN6U6tMIC8fMwUjjrbXQ==
二、scp使用:
scpSRC DEST -r递归 -a
scpUSERNAME@HOST:/path/to/somefile /path/to/local
scp/path/to/local USERNAME@HOST:/path/to/somewhere
[root@test ~]# scp 10.109.131.204:/etc/fstab ./
root@10.109.131.204's password:
Permission denied, please try again.
root@10.109.131.204's password:
fstab 100% 854 0.8KB/s 00:00
[root@test ~]# ls
anaconda-ks.cfg Desktop install.log.syslog minsysbak rc.sysreboot
bincopy.sh fstab mbox rc.reboot test
cpbin.sh install.log minitest rc.sysdone testiso
[root@test ~]# ll fstab
-rw-r--r-- 1 root root 854 Dec 5 16:53 fstab
[root@test ~]# date
Mon Dec 5 16:53:28 CST 2016
ssh-keygen
-trsa
~/.ssh/id_rsa
~/.ssh/id_rsa.pub
-f /path/to/KEY_FILE
-P '': 指定加密私钥的密码
三、自动保存登录密码:
多命令实现自动保存登录密码:
[root@test ~]# ssh -keygen -t rsa
Bad escape character 'ygen'.
[root@test ~]# ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
d8:f0:bb:be:4b:aa:c0:59:4d:55:de:77:13:36:d7:11 root@test
[root@test ~]# ls .ssh/
id_rsa id_rsa.pub known_hosts
[root@test ~]# scp .ssh/id_rsa.pub root@10.109.131.204:/root
root@10.109.131.204's password:
Permission denied, please try again.
root@10.109.131.204's password:
id_rsa.pub 100% 391 0.4KB/s 00:00
[root@test ~]# ssh 10.109.131.204
root@10.109.131.204's password:
Last login: Mon Dec 5 16:18:26 2016 from 10.109.131.209
[root@fox ~]# cat id_rsa.pub >> .ssh/authorized_keys
[root@fox ~]# exit
logout
Connection to 10.109.131.204 closed.
[root@test ~]# ssh 10.109.131.204 #无密码进入
Last login: Mon Dec 5 17:09:57 2016 from 10.109.131.209
单命令实现自动保存登录密码:
[root@fox ~]# ssh-keygen -t rsa -f .ssh/id_rsa -P ''
Generating public/private rsa key pair.
Your identification has been saved in .ssh/id_rsa.
Your public key has been saved in .ssh/id_rsa.pub.
The key fingerprint is:
f8:b2:7d:64:20:ec:5f:09:3f:3f:2b:96:df:33:60:d3 root@fox
[root@test ~]# ssh 10.109.131.204
Last login: Mon Dec 5 17:11:14 2016 from 10.109.131.209
[root@fox ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@10.109.131.204
root@10.109.131.204's password:
Now try logging into the machine, with "ssh 'root@10.109.131.204'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[root@fox ~]# netstat -tnl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:57583 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 :::111 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
tcp 0 0 ::1:25 :::* LISTEN
tcp 0 0 :::45668 :::* LISTEN
四、免密码登录主机和SFTP:
ssh-keygen
-t {rsa|dsa}
-f 路径
-N 'password'
[hadoop@jacktest ~]$ ssh-keygen -t rsa -f .ssh/id_rsa -N ''
Generating public/private rsa key pair.
Your identification has been saved in .ssh/id_rsa.
Your public key has been saved in .ssh/id_rsa.pub.
The key fingerprint is:
21:d8:1d:dd:3d:f4:ae:7f:01:a3:ad:d7:ca:97:ea:8d hadoop@jacktest
[hadoop@jacktest ~]$ ssh-copy-id -i .ssh/id_rsa.pub root@110.19.13.209
15 #复制且追加到对方家目录中的.ssh/authorized_keys
The authenticity of host '110.19.131.209 (110.19.13.209)' can't be established.
RSA key fingerprint is c2:f2:75:5c:ab:4a:43:d3:e1:76:bc:d2:0f:c7:d6:32.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '110.19.13.209' (RSA) to the list of known hosts.
root@10.109.131.209's password:
Now try logging into the machine, with "ssh 'root@110.19.13.209'", and check in:
.ssh/authorized_keys
to make sure we haven't added extra keys that you weren't expecting.
[hadoop@jacktest ~]$ ssh -l root 110.19.13.209 #单向免密码登录
Last login: Mon Dec 12 10:34:24 2016 from 110.19.13.209
[hadoop@jacktest ~]$ sftp 110.19.13.208 #免密码登录sftp,文件加密传输
Connecting to 110.19.13.208...
sftp> ls
Desktop anaconda-ks.cfg bincopy.sh
---end---